US20130166456A1 - System and Method for Remote Payment Based on Mobile Terminal - Google Patents

System and Method for Remote Payment Based on Mobile Terminal Download PDF

Info

Publication number
US20130166456A1
US20130166456A1 US13/521,114 US201013521114A US2013166456A1 US 20130166456 A1 US20130166456 A1 US 20130166456A1 US 201013521114 A US201013521114 A US 201013521114A US 2013166456 A1 US2013166456 A1 US 2013166456A1
Authority
US
United States
Prior art keywords
mobile terminal
authentication server
public key
smart card
digital certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/521,114
Inventor
Zhibang Zhang
Dianbin Lian
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to CN201010276067.XA priority Critical patent/CN101938520B/en
Priority to CN201010276067.X priority
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to PCT/CN2010/079140 priority patent/WO2012031433A1/en
Assigned to ZTE CORPORATION reassignment ZTE CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LIAN, DIANBIN, ZHANG, ZHIBANG
Publication of US20130166456A1 publication Critical patent/US20130166456A1/en
Application status is Abandoned legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3229Use of the SIM of a M-device as secure element
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures

Abstract

The present invention discloses a method for remote payment based on a mobile terminal. The method includes: an authentication server asking a mobile terminal for a digital certificate, the mobile terminal transmitting an certificate reading instruction to the built-in smart card, and after the smart card exports the stored digital certificate, the mobile terminal transmitting it to the authentication server for certificate registration, and the authentication server sending a signature instruction to the mobile terminal, the mobile terminal transmitting a private key signature instruction to the built-in smart card, the smart card sending out the signature result and the mobile terminal reporting the signature result to the authentication server. The present invention also discloses a system for remote payment based on mobile terminal, a mobile terminal and a smart card. The present invention not only breaks through the limitation of short of transmitting the personal ID and password by using short message and WAP.

Description

    TECHNICAL FIELD
  • The present invention relates to the field of mobile communication technology, and in particular, to a system and method for remote payment based on a mobile terminal, and a mobile terminal and a smart card of the mobile terminal in the system.
  • BACKGROUND OF THE RELATED ART
  • With the gradual popularization of online shopping in daily life, the remote payment function is accepted by more and more people. Now, the means of network payment is generally realized through the bank card and it has a very high demand for the network security, and it generally needs to use the digital certificate. With the popularization and application of the concept of the mobile phone payment, the mobile phone payment is favored by the people for the characteristics, such as the high popularization of the mobile phone and the easy payment, etc.
  • The mainstream mobile phone payment technology mainly has the following three kinds at present:
  • the first kind is the Near Field Communication (NFC) Technology from Europe, which is the scheme with the longest time and the most extensive influence. This scheme combines the non-contact smart card technology with the mobile phone, integrates the radio frequency chip into the mother board of mobile phone, realizes the communication between the mobile phone and the Point of Sale (POS) machine or the card reader, and thus realizes the mobile phone payment. The maximum defect of this way lies in that if the user wants to use the mobile phone payment, the user must select the mobile phone with the NFC function.
  • The second kind is a frequently-used SIM PASS standard based on 13.56 MHZ at present. The SIMpass technology integrates the DI card technology and the Subscriber Identity Module (SIM) card technology together, or it is called two-interface SIM card, that is, it has two work interfaces, the contact interface and the non-contact interface, wherein the contact interface is used for realizing the SIM function, and the non-contact interface is used for realizing the payment function, which is compatible with a plurality of application specifications of the smart card.
  • The third kind is the RFID SIM based on 2.4 GHz, of which the realization mechanism is similar to the above SIMpass.
  • From the above introduction of the mainstream mobile phone payment technology, it can be seen that the current mobile phone payment technology is basically limited to short distance payment technology.
  • The remote payment function is limited by the network security and the current technology, and is not used widely. The current technology means is mainly verifying the information such as the ID information, login password and mobile phone password of the mobile phone user and so on, that is, the remote payment is performed. However, the personal information of the mobile phone user is very easy to be captured by some lawbreakers when the information is transmitted through short message or the Wireless Application Protocol (WAP), thus causing enormous losses. It can be predicted that the security performance of the mobile phone payment will be the key factor limiting whether it is applied extensively.
  • Therefore, how to realize the safe, simple and convenient remote payment of the mobile terminal becomes the technical problem required to be solved.
  • SUMMARY OF THE INVENTION
  • The technical problem that the present invention requires to solve is to provide a system and method for remote payment based on a mobile terminal, and a mobile terminal and a smart card of the mobile terminal in the system, used for realizing the remote payment of the mobile terminal signature.
  • In order to solve the above-mentioned problem, the present invention provides a system for remote payment based on a mobile terminal, comprising:
  • an authentication server, configured to ask a mobile terminal for a digital certificate and send a signature instruction to the mobile terminal when the remote payment is performed, and perform remote payment authentication; and
  • the mobile terminal, comprising a smart card storing the digital certificate; wherein, the smart card is configured to: generate the digital certificate and send the digital certificate to the authentication server when a request for asking for a certificate is received, and send out a signature result and upload the signature result to the authentication server when the signature instruction is received.
  • The remote payment system further comprises:
  • a browser module, configured to: provide an interactive interface of the authentication server and the smart card, send the request for asking for the certificate and the signature instruction to the smart card of the mobile terminal, and upload the digital certificate and the signature result to the authentication server; wherein,
  • the browser module and the smart card perform interaction by adopting a personal computer/a smart card channel, and a Cryptographic Service Provider (CSP) application plugin is built-in in the browser module.
  • The browser module locates in a computer operating system of the mobile terminal, or in an operating system of a personal computer connecting with the mobile terminal.
  • The smart card of the mobile terminal is further configured to: apply for the digital certificate from the authentication server, generate a private-public key pair when a private-public key pair generation request is received, upload public key information to the authentication server after a public key information request command is received, and receive and store the digital certificate sent by the authentication server from the authentication server; and
  • the authentication server is further configured to: send the private-public key pair generation request according to a request of the mobile terminal, receive the public key information, generate the digital certificate and send the digital certificate to the mobile terminal.
  • The smart card of the mobile terminal comprises: a file system module, a security system module, an over the air (OTA) function module, and a RSA function module, wherein,
  • the RSA function module is configured to generate the private-public key pair;
  • the security system module is configured to perform an encryption operation;
  • the file system module is configured to store the digital certificate; and
  • the over the air (OTA) function module belongs to an air interface module, and the OTA function module connects to a wireless network.
  • In order to solve the above-mentioned problem, the present invention further provides a method for remote payment based on a mobile terminal, comprising:
  • an authentication server asking a mobile terminal for a digital certificate, the mobile terminal transmitting a certificate reading instruction to a built-in smart card, after the smart card exports a stored digital certificate, the mobile terminal transmitting the digital certificate to the authentication server for certificate registration; and
  • the authentication server sending a signature instruction to the mobile terminal, the mobile terminal transmitting a private key signature instruction to the built-in smart card, and the smart card sending out a signature result and the mobile terminal reporting the signature result to the authentication server.
  • In the step of the smart card exporting a stored digital certificate, the digital certificate stored by the smart card of the mobile terminal is obtained by the mobile terminal performing an online application to the authentication server, wherein, the way of the mobile terminal obtaining the digital certificate by performing the online application to the authentication server comprises:
  • the mobile terminal applying for the digital certificate from the authentication server, and the authentication server sending a private-public key pair generation request according to a request of the mobile terminal;
  • the mobile terminal generating a private-public key pair according to the private-public key pair generation request, and uploading public key information to the authentication server after a public key information request command is received;
  • the authentication server generating the digital certificate and sending the digital certificate to the mobile terminal after verifying the public key information; and
  • the mobile terminal receiving and storing the digital certificate sent by the authentication server in the smart card.
  • The mobile terminal and the authentication server perform interaction through a browser; and
  • a Cryptographic Service Provider (CSP) application plugin is built-in in the browser, and the browser and the smart card perform the interaction by adopting a personal computer/a smart card channel.
  • Instructions of the mobile terminal and the authentication server performing the interaction comprise: a security service instruction and a returned data/state instruction;
  • wherein, the security service instruction comprises one or a combination of the following instructions: a private-public key generation instruction; a signature verification instruction; an encryption and decryption instruction; a certificate reading instruction; and a public key reading instruction;
  • wherein, the returned data/state comprises one or a combination of the followings: public key data; public key certificate data; a result value of a private key signature; and error state information.
  • In order to solve the above-mentioned problem, the present invention further provides a mobile terminal, comprising a smart card storing a digital certificate; wherein, the smart card is configured to: generate the digital certificate and send the digital certificate to an authentication server when a request for asking for a certificate is received, and send out a signature result and upload the signature result to the authentication server when a signature instruction is received.
  • The smart card of the mobile terminal is further configured to: apply for the digital certificate from the authentication server, generate a private-public key pair when a private-public key pair generation request is received, upload public key information to the authentication server after a public key information request command is received, and receive and store the digital certificate sent by the authentication server from the authentication server; and
  • The smart card comprises: a file system module, a security system module, an over the air (OTA) function module, and a RSA function module, wherein,
  • the RSA function module is configured to generate a private-public key pair;
  • the security system module is configured to perform an encryption operation;
  • the file system module is configured to store the digital certificate; and
  • the over the air (OTA) function module belongs to an air interface module, and the OTA function module connects to a wireless network.
  • In order to solve the above-mentioned problem, the present invention further provides a smart card, which is built-in in a mobile terminal and performs interaction with a personal computer system end through a personal computer/a smart card channel; wherein,
  • the smart card comprises: a file system module, a security system module, an over the air (OTA) function module, and a RSA function module, wherein,
  • the RSA function module is configured to generate a private-public key pair;
  • the security system module is configured to perform an encryption operation;
  • the file system module is configured to store a digital certificate; and
  • the over the air (OTA) function module belongs to an air interface module, and the OTA function module connects to a wireless network.
  • The digital certificate stored by the file system module is for being sent to an authentication server by the mobile terminal when a request for asking for a certificate is received;
  • the security system module is configured to perform the encryption operation according to the following way: performing the encryption on a signature when a signature instruction is received, and uploading an encrypted signature result to the authentication server; and
  • the RSA function module is configured to generate a private-public key pair according to the following way: generating the private-public key pair when a private-public key pair generation request is received in a process of the mobile terminal applying for the digital certificate from the authentication server.
  • Compared with the current technology, both the generation of the private-public key pair and the storage of the certificate are performed at the local mobile terminal in the present invention, which has higher security and portability. In the process of the remote payment, the digital certificate and signature (that is, the password) of the user needs to be used. Similarly, the mobile terminal connects with the PC end through the data interface, and the server website of the PC end sends the certificate request, and the mobile terminal obtains the request and uploads the digital certificate. The PC end registers the certificate to the browser and then sends to the server, preparing for verifying the signature. The server end initiates the private-public key pair request after receiving the certificate. After the mobile terminal uploads the private-public key successfully, verifying the signature ends.
  • The present invention not only breaks through the limitation of short distance of the mobile phone payment, but also has more security and privacy than the manner of transmitting the personal ID and password by using short message and WAP. Meanwhile, if the browser of the mobile terminal itself is used, there is no need to depend on the external computer, and the mobile terminal directly performs the interaction with the authentication server, which realizes the operations, such as the self-service certificate application and the signature verification, etc. The present invention has higher security and portability, thus bringing the convenience of usage to the user when the remote payment is performed, which helps protect the individual privacy information of the user and ensures the security of the remote payment.
  • BRIEF DESCRIPTION OF DRAWINGS
  • FIG. 1 is a schematic diagram of a system for realizing remote payment by connecting a mobile terminal with an external PC;
  • FIG. 2 is a schematic diagram of a system for realizing remote payment by a mobile terminal using an internal PC operating system;
  • FIG. 3 is a connection diagram of a PC/SC channel between a smart card of a mobile terminal and a PC side;
  • FIG. 4 is a schematic diagram of a function module at a smart card side and a PC side;
  • FIG. 5 is a flow chart of a mobile terminal performing certificate application;
  • FIG. 6 is a flow chart of a mobile terminal performing remote payment signature verification.
  • PREFERRED EMBODIMENTS OF THE PRESENT INVENTION
  • In order to make the objective, technical scheme and advantage of the present invention more clear, the present invention is described in detail with reference to the accompanying drawings hereinafter. It should be illustrated that, in the case of not conflicting, the embodiments in the present application and features in these embodiments can be combined with each other at random.
  • The system for remote payment based on a mobile terminal signature of the present invention realizes the support to the remote payment function by modifying the mobile terminal, the browser module and the data channel between the smart card of the mobile terminal and the browser.
  • As shown in FIG. 1, it shows a schematic diagram of a typical system for remote payment based on the mobile terminal signature. The system for remote payment based on the mobile terminal signature includes: a mobile terminal, a Personal Computer (PC) end, and an authentication server.
  • The mobile terminal includes a Smart Card (SC). There is already an AT channel between the mobile terminal and the PC end, and the personal computer/smart card PC/SC channel also needs to be added, which is used to be able to perform the communication between the smart card and the PC standard device. The PC/SC channel is a standard structure defined for the smart card visiting the Windows platform, used for transmitting the self-defined APL Protocol Data Unit (APDU) instruction. Correspondingly, the PC/SC driver needs to be added in the driver program of the mobile terminal.
  • The PC end has a browser module, and it needs to perform improvement on the browser in order to support the CSP API. The Cryptographic Service Provider (CSP) is used for the services, such as key generation/exchange, encryption and decryption, etc.
  • The authentication server is used to generate the digital certificate, send and verify the digital certificate.
  • Since both the certificate application and the signature verification of the mobile terminal mainly take place between the authentication server and the smart card, and they needs to be forwarded by the browser and the mobile terminal therebetween, the mutual data interaction is performed through the PC/SC channel.
  • The PC end can be an ordinary personal computer or notebook computer or mobile device with personal computer system, and it can perform network connection with the authentication server through the wired broadband network or the wireless broadband network.
  • In the system shown in FIG. 1, the mobile terminal, together with its built-in smart card, is equivalent to directly connecting the card shield device on the computer system, such as the USBKEY of the bank. That smart card can have both the communication function and the card shield function. The smart card can be a USIM card.
  • FIG. 2 is another schematic diagram of typical system for remote payment based on the mobile terminal signature. With the popularization of the smart mobile terminals such as the smart mobile phone and so on, the function of the mobile terminal is stronger and stronger, and a plurality of mobile terminals have the personal operating system, which can realize the function that the ordinary PC can realize, for example, the mobile terminal can realize the Internet service through the browser, that is to say, it is equivalent to the PC side also being built-in inside the mobile terminal. The smart card interacts with the browser module, and the mobile terminal connects with the authentication server through the wireless network.
  • In FIG. 2, the mobile terminal also needs to be modified, that is, the personal computer/smart card PC/SC channel between the built-in smart card and the browser module and the corresponding driver program are added, and the CSP application plugin is added in the browser module.
  • In the system shown in FIG. 1 and FIG. 2, after the improvement, the mobile terminal with the smart card can guarantee the support to the channel of the security service instruction and the returned data flow. The related ADDU instruction is transmitted to the smart card end (such as the Universal Subscriber Identity Module (USIM)) through this PC/SC channel, which enables the user to realize the function of the electronic signature and identity authentication through the operation of the browser in the process of the remote payment. The sending of the digital certificate of the authentication server, the private-public key pair generated by the mobile terminal and downloading and uploading of the digital certificate are performed through the PC/SC channel.
  • In the system shown in FIG. 1 and FIG. 2, the smart card includes: a file system module, a security system module, an over the air (OTA) function module and a RSA coprocessor, etc. Wherein, the file system module is configured to store the digital certificate, the RSA coprocessor is configured to generate the private-public key pair, the security system module mainly plays a role of encryption, and OTA function module belongs to an air interface module, and can be used by the user to connect to a network.
  • As shown in FIG. 3, it shows a schematic diagram of transmitting the security service instruction sent by the authentication server and the data state information returned by the mobile terminal based on the PC/SC channel. The security service instruction and the data used in the remote payment are all transmitted through the PC/SC channel, and the ordinary instruction and the data can be transmitted through the existing AT channel.
  • As shown in FIG. 4, it shows a detailed schematic diagram of the PC side and the smart card side (USIM card side) classified based on the PC/SC channel.
  • Wherein, on the PC side, the key container is a part of the key database, which includes all the key pairs belonged to one particular user. The encryption library includes a hardware encryption library and a software encryption library, which can be a key database used for storing the key containers of a plurality of users. The CSP API plugin can be imbedded and combined in the browser, and communicates with the authentication server through the Secure Sockets Layer (SSL).
  • Wherein, in the smart card (USIM card) side, it includes: the file system module, the security system module, the OTA function module and the RSA function module. The RSA function module is a RSA coprocessor used for generating the private-public key pair. The file system module is used for storing the digital certificate.
  • Between the PC side and the smart card side, the PC/SC channel is added. The PC/SC channel is one standard structure defined for the smart card visiting the Windows platform, used for transmitting the self-defined APDU instruction. The APDU instruction includes the security service instruction and the state information instruction. The PC/SC channel is further used for transmitting the sending and downloading of the data certificating etc. the CSP belongs to the WINDOWS development content, and it is integrated as one assembly in the browser after the development is finished, to realize the support of the browser to the private-public key.
  • When the mobile terminal connects to the PC end in FIG. 1, it can connect to the PC end through the physical USB interface, and the transmission of the data between the mobile terminal and the PC end is performed through the standard PC/SC channel, which guarantees the security of the data.
  • In order to realize the remote payment of the mobile terminal of the present invention, the newly added APDU instruction is mainly classified as: the security service instruction and the returned data/state instruction.
  • Wherein, the security service instruction mainly includes: the private-public key generation instruction; the signature verification instruction; the encryption and decryption instruction; the certificate reading instruction; and the public key reading instruction.
  • Wherein, the returned data/state mainly includes: the public key data; the public key certificate data; the result value of the private key signature; and the error state information.
  • In order to realize the remote payment of the mobile terminal, it needs to ask for the digital certificate from the authentication server firstly and it only can realize the online payment after the mobile terminal stores the digital certificate. As shown in FIG. 5, it provides a flow chart of the certificate application stages that the mobile terminal applies for the certificate from the authentication server. Since the smart card is adopted in the mobile terminal, the type of the customer certificate applied by the mobile terminal from the authentication server is: the user type of the smart card.
  • The mobile terminal can apply for the customer certificate from the certificate application website (CA or CA agent) by using the browser in its own operating system or the browser in the operating system of the connected PC, and send the application request to the authentication server. The specific application process is as follows:
  • 501: the mobile terminal applies for the certificate from the authentication server through the browser;
  • 502: the authentication server sends the private-public key pair generation request to the mobile terminal;
  • 503: the mobile terminal transparently transmits the private-public key pair generation instruction to the smart card (the USIM card);
  • 504: the smart card generates the private-public key pair by using the internal RSA coprocessor, and stores it in the secure storage area (that is the file system module);
  • 505: the smart card returns the state information to the mobile terminal;
  • 506: the mobile terminal uploads the state information to the authentication server;
  • 507: the authentication server sends the public key information request command to the mobile terminal;
  • 508: the mobile terminal transparently transmits the public key information request command to the smart card, and the smart card reads the public key information;
  • 509: the smart card sends out the public key data to the mobile terminal;
  • 510: the mobile terminal uploads the public key data to the authentication server;
  • 511: the authentication server sends the customer certificate to the mobile terminal;
  • 512: the mobile terminal downloads the certificate, and stores the customer certificate in the smart card.
  • When the mobile terminal stores the digital certificates, it can perform the interaction with the authentication server and realize the remote payment; certainly, the way of the mobile terminal obtaining the digital certificate is not limited to the online obtaining way shown in FIG. 5, and it also can be obtained by preset and using other ways.
  • As shown in FIG. 6, it provides a flow chart of the signature verification stages when the mobile terminal performs the remote payment.
  • 601: the authentication server asks for the digital certificate of customer from the mobile terminal;
  • 602: the mobile terminal transparently transmits the certificate reading instruction to the smart card;
  • 603: the smart card sends out the public key certificate information of the customer to the mobile terminal;
  • 604: the mobile terminal registers the public key certificate information to the IE browser on the PC end, and sends it to the authentication server for verifying the public key certificate information;
  • 605: the authentication server sends the signature instruction to the mobile terminal, and sends the data processed by using the HASH algorithm to the mobile terminal;
  • 606: the mobile terminal transparently transmits the private key signature instruction to the smart card;
  • 607: the smart card sends out the signature result to the mobile terminal;
  • 608: the mobile terminal uploads the signature result to the authentication center, and finishes the signature verification of the remote payment.
  • The smart card supporting the basic security instruction is built-in in the mobile terminal of the present invention, such as the USIM card, which can be called the “card shield”. The smart card after improvement has the remote payment and the security function except the communication function. In order to realize the interaction between the smart card and the external browser, through adding the PC/SC channel and the support to the PC/SC driver in the mobile terminal and the modification of the browser, the application program plugin CSPAPI and so on of the PC end, it develops a series of APDU instructions, which realizes the application and storage of the mobile certificate and the verification of the signature.
  • It can be understood by those skilled in the art that all or part of steps in the above-mentioned method can be fulfilled by programs instructing the relevant hardware components, and the programs can be stored in a computer readable storage medium such as a read only memory, a magnetic disk or an optical disk, etc. Alternatively, all or part of the steps in the above-mentioned embodiments can be implemented with one or more integrated circuits. Accordingly, each module/unit in the above-mentioned embodiments can be implemented in the form of hardware, or in the form of software function module. The present invention is not limit to any specific form of the combination of the hardware and software.
  • The above description is only the preferred embodiments of the present invention and is not intended to limit the present invention. For those skilled in the art, the present invention can have various modifications and variations. All of modifications, equivalents and/or variations without departing from the spirit and essence of the present invention should be included in the scope of the claims of the present invention.
  • INDUSTRIAL APPLICABILITY
  • The present invention not only breaks through the limitation of short distance of the mobile phone payment, but also has more security and privacy than the manner of transmitting the personal ID and password by using short message and WAP. Meanwhile, if the browser of the mobile terminal itself is used, there is no need to depend on the external computer, and the mobile terminal directly performs the interaction with the authentication server, which realizes the operations, such as the self-service certificate application and the signature verification, etc. The present invention has higher security and portability, thus bringing the convenience of usage to the user when the remote payment is performed, which helps protect the individual privacy information of the user and ensures the security of the remote payment.

Claims (18)

What we claim is:
1. A system for remote payment based on a mobile terminal, comprising:
an authentication server, configured to ask a mobile terminal for a digital certificate and send a signature instruction to the mobile terminal when the remote payment is performed, and perform remote payment authentication; and
the mobile terminal, comprising a smart card storing the digital certificate; wherein, the smart card is configured to: generate the digital certificate and send the digital certificate to the authentication server when a request for asking for a certificate is received, and send out a signature result and upload the signature result to the authentication server when the signature instruction is received.
2. The system according to claim 1, further comprising:
a browser module, configured to: provide an interactive interface of the authentication server and smart card, send the request for asking for the certificate and the signature instruction to the smart card of the mobile terminal, and upload the digital certificate and the signature result to the authentication server; wherein,
the browser module and the smart card perform interaction by adopting a personal computer/a smart card channel, and a Cryptographic Service Provider (CSP) application plugin is built-in in the browser module.
3. The system according to claim 2, wherein,
the browser module locates in a computer operating system of the mobile terminal, or in an operating system of a personal computer connecting with the mobile terminal.
4. The system according to claim 1, wherein,
the smart card of the mobile terminal is further configured to: apply for the digital certificate from the authentication server, generate a private-public key pair when a private-public key pair generation request is received, upload public key information to the authentication server after a public key information request command is received, and receive and store the digital certificate sent by the authentication server from the authentication server; and
the authentication server is further configured to: send the private-public key pair generation request according to a request of the mobile terminal, receive the public key information, generate the digital certificate and send the digital certificate to the mobile terminal.
5. The system according to claim 4, wherein,
the smart card of the mobile terminal comprises: a file system module, a security system module, an over the air (OTA) function module, and a RSA function module, wherein,
the RSA function module is configured to generate the private-public key pair;
the security system module is configured to perform an encryption operation;
the file system module is configured to store the digital certificate; and
the OTA function module belongs to an air interface module, and the OTA function module connects to a wireless network.
6. A method for remote payment based on a mobile terminal, comprising:
an authentication server asking a mobile terminal for a digital certificate, the mobile terminal transmitting a certificate reading instruction to a built-in smart card, and after the smart card exports a stored digital certificate, the mobile terminal transmitting the digital certificate to the authentication server for certificate registration; and
the authentication server sending a signature instruction to the mobile terminal, the mobile terminal transmitting a private key signature instruction to the built-in smart card, and the smart card sending out a signature result and the mobile terminal reporting the signature result to the authentication server.
7. The method according to claim 6, wherein, in the step of the smart card exporting a stored digital certificate, the digital certificate stored by the smart card of the mobile terminal is obtained by the mobile terminal performing an online application to the authentication server, wherein, the way of the mobile terminal obtaining the digital certificate by performing the online application to the authentication server comprises:
the mobile terminal applying for the digital certificate from the authentication server, and the authentication server sending a private-public key pair generation request according to a request of the mobile terminal;
the mobile terminal generating a private-public key pair according to the private-public key pair generation request, and uploading public key information to the authentication server after receiving a public key information request command;
the authentication server generating the digital certificate and sending the digital certificate to the mobile terminal after verifying the public key information; and
the mobile terminal receiving and storing the digital certificate sent by the authentication server in the smart card.
8. The method according to claim 6, wherein,
the mobile terminal and the authentication server perform interaction through a browser; and
a Cryptographic Service Provider (CSP) application plugin is built-in in the browser, and the browser and the smart card perform the interaction by adopting a personal computer/a smart card channel.
9. The method according to claim 8, wherein,
instructions of the mobile terminal and the authentication server performing the interaction comprise: a security service instruction and a returned data/state instruction;
wherein, the security service instruction comprises one or a combination of following instructions: a private-public key generation instruction; a signature verification instruction; an encryption and decryption instruction; a certificate reading instruction; and a public key reading instruction; and
wherein, the returned data/state comprises one or a combination of followings: public key data; public key certificate data; a result value of a private key signature; and error state information.
10. A mobile terminal, comprising a smart card storing a digital certificate; wherein,
the smart card is configured to: generate the digital certificate and send the digital certificate to an authentication server when a request for asking for a certificate is received, and send out a signature result and upload the signature result to the authentication server when a signature instruction is received.
11. The mobile terminal according to claim 10, wherein,
the smart card is further configured to: apply for the digital certificate from the authentication server, generate a private-public key pair when a private-public key pair generation request is received, upload public key information to the authentication server after a public key information request command is received, and receive and store the digital certificate sent by the authentication server from the authentication server.
12. The mobile terminal according to claim 10, wherein,
the smart card comprises: a file system module, a security system module, an over the air (OTA) function module and a RSA function module, wherein,
the RSA function module is configured to generate a private-public key pair;
the security system module is configured to perform an encryption operation;
the file system module is configured to store the digital certificate; and
the OTA function module belongs to an air interface module, and the OTA function module connects to a wireless network.
13. (canceled)
14. (canceled)
15. The method according to claim 7, wherein,
the mobile terminal and the authentication server perform interaction through a browser; and
a Cryptographic Service Provider (CSP) application plugin is built-in in the browser, and the browser and the smart card perform the interaction by adopting a personal computer/a smart card channel.
16. The method according to claim 15, wherein,
instructions of the mobile terminal and the authentication server performing the interaction comprise: a security service instruction and a returned data/state instruction;
wherein, the security service instruction comprises one or a combination of following instructions: a private-public key generation instruction; a signature verification instruction; an encryption and decryption instruction; a certificate reading instruction; and a public key reading instruction; and
wherein, the returned data/state comprises one or a combination of followings: public key data; public key certificate data; a result value of a private key signature; and error state information.
17. The mobile terminal according to claim 11, wherein,
the smart card comprises: a file system module, a security system module, an over the air (OTA) function module and a RSA function module, wherein,
the RSA function module is configured to generate the private-public key pair;
the security system module is configured to perform an encryption operation;
the file system module is configured to store the digital certificate; and
the OTA function module belongs to an air interface module, and the OTA function module connects to a wireless network.
18. The mobile terminal according to claim 12, wherein,
the digital certificate stored by the file system module is for being sent by the mobile terminal to an authentication server when a request for asking for a certificate is received;
the security system module is configured to perform the encryption operation according to a following way: performing encryption on a signature when a signature instruction is received, and uploading an encrypted signature result to the authentication server; and
the RSA function module is configured to generate the private-public key pair according to a following way: generate the private-public key pair when a private-public key pair generation request is received in a process of the mobile terminal applying for the digital certificate from the authentication server.
US13/521,114 2010-09-07 2010-11-25 System and Method for Remote Payment Based on Mobile Terminal Abandoned US20130166456A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201010276067.XA CN101938520B (en) 2010-09-07 2010-09-07 Mobile terminal signature-based remote payment system and method
CN201010276067.X 2010-09-07
PCT/CN2010/079140 WO2012031433A1 (en) 2010-09-07 2010-11-25 System and method for remote payment based on mobile terminal

Publications (1)

Publication Number Publication Date
US20130166456A1 true US20130166456A1 (en) 2013-06-27

Family

ID=43391647

Family Applications (1)

Application Number Title Priority Date Filing Date
US13/521,114 Abandoned US20130166456A1 (en) 2010-09-07 2010-11-25 System and Method for Remote Payment Based on Mobile Terminal

Country Status (3)

Country Link
US (1) US20130166456A1 (en)
CN (1) CN101938520B (en)
WO (1) WO2012031433A1 (en)

Cited By (81)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130171967A1 (en) * 2012-01-04 2013-07-04 Ayman S. Ashour Providing Secure Execution of Mobile Device Workflows
CN103473514A (en) * 2013-09-06 2013-12-25 宇龙计算机通信科技(深圳)有限公司 Data storage access method and device
CN103905207A (en) * 2014-04-23 2014-07-02 福建联迪商用设备有限公司 Method and system for unifying APK signature
CN103944903A (en) * 2014-04-23 2014-07-23 福建联迪商用设备有限公司 Multi-party authorized APK signature method and system
US8827154B2 (en) 2009-05-15 2014-09-09 Visa International Service Association Verification of portable consumer devices
CN104092745A (en) * 2014-06-30 2014-10-08 飞天诚信科技股份有限公司 Method for generating criterion of using intelligent card to login remote computer
CN104601593A (en) * 2015-02-04 2015-05-06 公安部第三研究所 Anti-tracking method in network electronic identity authentication process based on challenge modes
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US20150312031A1 (en) * 2014-04-23 2015-10-29 Samsung Electronics Co., Ltd. Encryption apparatus, method for encryption and computer-readable recording medium
CN105120452A (en) * 2015-06-30 2015-12-02 小米科技有限责任公司 Information transmission method, device and system
CN105207774A (en) * 2014-05-30 2015-12-30 北京奇虎科技有限公司 Key negotiation method and device of verification information
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US20160094546A1 (en) * 2014-09-30 2016-03-31 Citrix Systems, Inc. Fast smart card logon
US9317848B2 (en) 2009-05-15 2016-04-19 Visa International Service Association Integration of verification tokens with mobile communication devices
US9372971B2 (en) 2009-05-15 2016-06-21 Visa International Service Association Integration of verification tokens with portable computing devices
US9424413B2 (en) 2010-02-24 2016-08-23 Visa International Service Association Integration of payment capability into secure elements of computers
US9516487B2 (en) 2013-11-19 2016-12-06 Visa International Service Association Automated account provisioning
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9530131B2 (en) 2008-07-29 2016-12-27 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9582801B2 (en) 2009-05-15 2017-02-28 Visa International Service Association Secure communication of payment information to merchants using a verification token
US9646303B2 (en) 2013-08-15 2017-05-09 Visa International Service Association Secure remote payment transaction processing using a secure element
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
US9680942B2 (en) 2014-05-01 2017-06-13 Visa International Service Association Data verification using access device
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US9792611B2 (en) 2009-05-15 2017-10-17 Visa International Service Association Secure authentication system and method
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9848052B2 (en) 2014-05-05 2017-12-19 Visa International Service Association System and method for token domain control
US9898740B2 (en) 2008-11-06 2018-02-20 Visa International Service Association Online challenge-response
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US9959531B2 (en) 2011-08-18 2018-05-01 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9972005B2 (en) 2013-12-19 2018-05-15 Visa International Service Association Cloud-based transactions methods and systems
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US9996835B2 (en) 2013-07-24 2018-06-12 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US10043178B2 (en) 2007-06-25 2018-08-07 Visa International Service Association Secure mobile payment system
US10078832B2 (en) 2011-08-24 2018-09-18 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
US10147089B2 (en) 2012-01-05 2018-12-04 Visa International Service Association Data protection with translation
US10154084B2 (en) 2011-07-05 2018-12-11 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10192216B2 (en) 2012-09-11 2019-01-29 Visa International Service Association Cloud-based virtual wallet NFC apparatuses, methods and systems
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10255456B2 (en) 2014-09-26 2019-04-09 Visa International Service Association Remote server encrypted data provisioning system and methods
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
US10262001B2 (en) 2012-02-02 2019-04-16 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia merchant analytics database platform apparatuses, methods and systems
US10262308B2 (en) 2007-06-25 2019-04-16 Visa U.S.A. Inc. Cardless challenge systems and methods
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US10289999B2 (en) 2005-09-06 2019-05-14 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
US10333921B2 (en) 2015-04-10 2019-06-25 Visa International Service Association Browser integration with Cryptogram
US10361856B2 (en) 2016-06-24 2019-07-23 Visa International Service Association Unique token authentication cryptogram
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US10373133B2 (en) 2010-03-03 2019-08-06 Visa International Service Association Portable account number for consumer payment account
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103108323B (en) * 2011-11-11 2017-08-11 中兴通讯股份有限公司 Safety operation execution system and execution method
CN102542226A (en) * 2011-12-26 2012-07-04 东信和平智能卡股份有限公司 Secure access implementation method applying terminal access intelligent card
CN102571359A (en) * 2012-04-06 2012-07-11 上海凯卓信息科技有限公司 Method for certificating cloud desktop based on smart card
CN103516688A (en) * 2012-06-27 2014-01-15 中国银联股份有限公司 Security information interaction system, equipment and method thereof
CN102938697A (en) * 2012-10-15 2013-02-20 江苏乐买到网络科技有限公司 Intelligent card system
US20150242844A1 (en) * 2012-10-15 2015-08-27 Powered Card Solutions, Llc System and method for secure remote access and remote payment using a mobile device and a powered display card
CN103023642B (en) * 2012-11-22 2016-02-24 中兴通讯股份有限公司 A mobile terminal and a digital certificate functionality implemented method
CN103746800B (en) * 2013-03-15 2017-05-03 福建联迪商用设备有限公司 TMK (terminal master key) safe downloading method and system
CN103747443B (en) * 2013-11-29 2017-03-15 厦门盛华电子科技有限公司 One kind is based on cellphone subscriber's identification card Multi-security domain device and its method for authenticating
CN103888259B (en) * 2014-03-12 2017-11-10 天地融科技股份有限公司 A kind of subscriber identification card
CN103944724B (en) * 2014-04-18 2017-10-03 天地融科技股份有限公司 A kind of subscriber identification card
CN105279647A (en) * 2014-07-16 2016-01-27 中兴通讯股份有限公司 Method, device and intelligent card for achieving remote payment
CN104143142A (en) * 2014-07-17 2014-11-12 马洁韵 Payment system with mobile payment unit and security payment method
CN105376059B (en) * 2014-08-15 2019-04-02 中国电信股份有限公司 The method and system of application signature is carried out based on electron key
CN104954139B (en) * 2015-06-19 2019-02-15 南方电网科学研究院有限责任公司 Cipher machine
CN107196767A (en) * 2017-07-26 2017-09-22 成都三零盛安信息系统有限公司 Certificate request method and device

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6253322B1 (en) * 1997-05-21 2001-06-26 Hitachi, Ltd. Electronic certification authentication method and system
US20020023223A1 (en) * 2000-02-25 2002-02-21 Ernst Schmidt Authorization process using a certificate
US20020077078A1 (en) * 1999-02-11 2002-06-20 Huima Antti Method of securing communication
US20030139174A1 (en) * 2001-12-13 2003-07-24 Far Eastone Telecommunications Co., Ltd. Common service platform and software
US20030172278A1 (en) * 2002-01-17 2003-09-11 Kabushiki Kaisha Toshiba Data transmission links
US20040199768A1 (en) * 2003-04-04 2004-10-07 Nail Robert A. System and method for enabling enterprise application security
US6842863B1 (en) * 1999-11-23 2005-01-11 Microsoft Corporation Certificate reissuance for checking the status of a certificate in financial transactions
US20080027865A1 (en) * 2006-07-31 2008-01-31 Oki Electric Industry Co., Ltd. Individual identifying/attribute authenticating system and individual identifying/attribute authenticating method
US7373656B2 (en) * 2000-10-27 2008-05-13 Sandisk Il Ltd. Automatic configuration for portable devices
US20090328179A1 (en) * 2008-06-27 2009-12-31 Microsoft Corporation Identification of a smart card on a plug and play system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2815203A1 (en) * 2000-10-05 2002-04-12 Ntsys Secure Internet payment agent validated by mobile phone
CN101394615B (en) * 2007-09-20 2012-10-17 中国银联股份有限公司 Mobile payment terminal and payment method based on PKI technique
CN101436280B (en) * 2008-12-15 2012-09-05 北京华大智宝电子系统有限公司 Method and system for implementing electronic payment of mobile terminal

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6253322B1 (en) * 1997-05-21 2001-06-26 Hitachi, Ltd. Electronic certification authentication method and system
US20020077078A1 (en) * 1999-02-11 2002-06-20 Huima Antti Method of securing communication
US6842863B1 (en) * 1999-11-23 2005-01-11 Microsoft Corporation Certificate reissuance for checking the status of a certificate in financial transactions
US20020023223A1 (en) * 2000-02-25 2002-02-21 Ernst Schmidt Authorization process using a certificate
US7373656B2 (en) * 2000-10-27 2008-05-13 Sandisk Il Ltd. Automatic configuration for portable devices
US20030139174A1 (en) * 2001-12-13 2003-07-24 Far Eastone Telecommunications Co., Ltd. Common service platform and software
US20030172278A1 (en) * 2002-01-17 2003-09-11 Kabushiki Kaisha Toshiba Data transmission links
US20040199768A1 (en) * 2003-04-04 2004-10-07 Nail Robert A. System and method for enabling enterprise application security
US20080027865A1 (en) * 2006-07-31 2008-01-31 Oki Electric Industry Co., Ltd. Individual identifying/attribute authenticating system and individual identifying/attribute authenticating method
US20090328179A1 (en) * 2008-06-27 2009-12-31 Microsoft Corporation Identification of a smart card on a plug and play system

Cited By (110)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10289999B2 (en) 2005-09-06 2019-05-14 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US10262308B2 (en) 2007-06-25 2019-04-16 Visa U.S.A. Inc. Cardless challenge systems and methods
US10043178B2 (en) 2007-06-25 2018-08-07 Visa International Service Association Secure mobile payment system
US9530131B2 (en) 2008-07-29 2016-12-27 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9898740B2 (en) 2008-11-06 2018-02-20 Visa International Service Association Online challenge-response
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US9582801B2 (en) 2009-05-15 2017-02-28 Visa International Service Association Secure communication of payment information to merchants using a verification token
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US10009177B2 (en) 2009-05-15 2018-06-26 Visa International Service Association Integration of verification tokens with mobile communication devices
US9792611B2 (en) 2009-05-15 2017-10-17 Visa International Service Association Secure authentication system and method
US10387871B2 (en) 2009-05-15 2019-08-20 Visa International Service Association Integration of verification tokens with mobile communication devices
US8827154B2 (en) 2009-05-15 2014-09-09 Visa International Service Association Verification of portable consumer devices
US9904919B2 (en) 2009-05-15 2018-02-27 Visa International Service Association Verification of portable consumer devices
US10049360B2 (en) 2009-05-15 2018-08-14 Visa International Service Association Secure communication of payment information to merchants using a verification token
US9317848B2 (en) 2009-05-15 2016-04-19 Visa International Service Association Integration of verification tokens with mobile communication devices
US9372971B2 (en) 2009-05-15 2016-06-21 Visa International Service Association Integration of verification tokens with portable computing devices
US10043186B2 (en) 2009-05-15 2018-08-07 Visa International Service Association Secure authentication system and method
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US9424413B2 (en) 2010-02-24 2016-08-23 Visa International Service Association Integration of payment capability into secure elements of computers
US9589268B2 (en) 2010-02-24 2017-03-07 Visa International Service Association Integration of payment capability into secure elements of computers
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US10373133B2 (en) 2010-03-03 2019-08-06 Visa International Service Association Portable account number for consumer payment account
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US10154084B2 (en) 2011-07-05 2018-12-11 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10419529B2 (en) 2011-07-05 2019-09-17 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US10354240B2 (en) 2011-08-18 2019-07-16 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9959531B2 (en) 2011-08-18 2018-05-01 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10078832B2 (en) 2011-08-24 2018-09-18 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10402815B2 (en) 2011-08-24 2019-09-03 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US20130171967A1 (en) * 2012-01-04 2013-07-04 Ayman S. Ashour Providing Secure Execution of Mobile Device Workflows
US10147089B2 (en) 2012-01-05 2018-12-04 Visa International Service Association Data protection with translation
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
US10430381B2 (en) 2012-02-02 2019-10-01 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia centralized personal information database platform apparatuses, methods and systems
US10262001B2 (en) 2012-02-02 2019-04-16 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia merchant analytics database platform apparatuses, methods and systems
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US10296904B2 (en) 2012-06-06 2019-05-21 Visa International Service Association Method and system for correlating diverse transaction data
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9727858B2 (en) 2012-07-26 2017-08-08 Visa U.S.A. Inc. Configurable payment tokens
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
US10204227B2 (en) 2012-08-10 2019-02-12 Visa International Service Association Privacy firewall
US10192216B2 (en) 2012-09-11 2019-01-29 Visa International Service Association Cloud-based virtual wallet NFC apparatuses, methods and systems
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US9996835B2 (en) 2013-07-24 2018-06-12 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
US9646303B2 (en) 2013-08-15 2017-05-09 Visa International Service Association Secure remote payment transaction processing using a secure element
CN103473514A (en) * 2013-09-06 2013-12-25 宇龙计算机通信科技(深圳)有限公司 Data storage access method and device
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US9516487B2 (en) 2013-11-19 2016-12-06 Visa International Service Association Automated account provisioning
US10248952B2 (en) 2013-11-19 2019-04-02 Visa International Service Association Automated account provisioning
US10402814B2 (en) 2013-12-19 2019-09-03 Visa International Service Association Cloud-based transactions methods and systems
US9972005B2 (en) 2013-12-19 2018-05-15 Visa International Service Association Cloud-based transactions methods and systems
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US10269018B2 (en) 2014-01-14 2019-04-23 Visa International Service Association Payment account identifier system
US10062079B2 (en) 2014-01-14 2018-08-28 Visa International Service Association Payment account identifier system
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US20150312031A1 (en) * 2014-04-23 2015-10-29 Samsung Electronics Co., Ltd. Encryption apparatus, method for encryption and computer-readable recording medium
US10404461B2 (en) 2014-04-23 2019-09-03 Visa International Service Association Token security on a communication device
US10211974B2 (en) * 2014-04-23 2019-02-19 Samsung Electronics Co., Ltd Encryption apparatus, method for encryption and computer-readable recording medium
CN103905207A (en) * 2014-04-23 2014-07-02 福建联迪商用设备有限公司 Method and system for unifying APK signature
CN103944903A (en) * 2014-04-23 2014-07-23 福建联迪商用设备有限公司 Multi-party authorized APK signature method and system
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US9680942B2 (en) 2014-05-01 2017-06-13 Visa International Service Association Data verification using access device
US9848052B2 (en) 2014-05-05 2017-12-19 Visa International Service Association System and method for token domain control
CN105207774A (en) * 2014-05-30 2015-12-30 北京奇虎科技有限公司 Key negotiation method and device of verification information
CN104092745A (en) * 2014-06-30 2014-10-08 飞天诚信科技股份有限公司 Method for generating criterion of using intelligent card to login remote computer
US10038563B2 (en) 2014-07-23 2018-07-31 Visa International Service Association Systems and methods for secure detokenization
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US10049353B2 (en) 2014-08-22 2018-08-14 Visa International Service Association Embedding cloud-based functionalities in a communication device
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10477393B2 (en) 2014-08-22 2019-11-12 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
US10255456B2 (en) 2014-09-26 2019-04-09 Visa International Service Association Remote server encrypted data provisioning system and methods
US20160094546A1 (en) * 2014-09-30 2016-03-31 Citrix Systems, Inc. Fast smart card logon
KR20170062529A (en) * 2014-09-30 2017-06-07 사이트릭스 시스템스, 인크. Fast smart card logon and federated full domain logon
KR102036758B1 (en) * 2014-09-30 2019-10-28 사이트릭스 시스템스, 인크. Fast smart card logon and federated full domain logon
US10021088B2 (en) * 2014-09-30 2018-07-10 Citrix Systems, Inc. Fast smart card logon
US10122703B2 (en) 2014-09-30 2018-11-06 Citrix Systems, Inc. Federated full domain logon
US10489779B2 (en) 2014-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10412060B2 (en) 2014-10-22 2019-09-10 Visa International Service Association Token enrollment system and method
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
CN104601593A (en) * 2015-02-04 2015-05-06 公安部第三研究所 Anti-tracking method in network electronic identity authentication process based on challenge modes
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US10333921B2 (en) 2015-04-10 2019-06-25 Visa International Service Association Browser integration with Cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
CN105120452B (en) * 2015-06-30 2018-11-23 北京小米支付技术有限公司 Transmit the method, apparatus and system of information
CN105120452A (en) * 2015-06-30 2015-12-02 小米科技有限责任公司 Information transmission method, device and system
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US10361856B2 (en) 2016-06-24 2019-07-23 Visa International Service Association Unique token authentication cryptogram
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system

Also Published As

Publication number Publication date
CN101938520A (en) 2011-01-05
CN101938520B (en) 2015-01-28
WO2012031433A1 (en) 2012-03-15

Similar Documents

Publication Publication Date Title
AU2008298581B2 (en) Updating mobile devices with additional elements
EP2731381B1 (en) Method for changing the mobile network operator in an embedded sim on basis of special privilege
US9082119B2 (en) Virtualization and secure processing of data
US9852418B2 (en) Trusted service manager (TSM) architectures and methods
US9161218B2 (en) System and method for provisioning over the air of confidential information on mobile communicative devices with non-UICC secure elements
CN101394615B (en) Mobile payment terminal and payment method based on PKI technique
EP2741548A2 (en) Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor
US9071963B2 (en) Methods, systems, and computer readable media for secure near field communication of a non-secure memory element payload
CA2881429C (en) Method, device and secure element for conducting a secured financial transaction on a device
JP2018088292A (en) System and method for secure transaction process by mobile equipment
US20110185181A1 (en) Network authentication method and device for implementing the same
US9516487B2 (en) Automated account provisioning
CN101938520B (en) Mobile terminal signature-based remote payment system and method
JP2015525389A (en) System and method for enabling secure transactions with mobile devices
FI125071B (en) Payment System
CN101615322B (en) Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function
US20100332832A1 (en) Two-factor authentication method and system for securing online transactions
US10380570B2 (en) System and method for secure communication for cashless transactions
JP6510504B2 (en) Apparatus, program, and method for initially establishing and periodically verifying software application trust
CN101154281B (en) Method and mobile device for migrating finance data in smart card
US8533123B2 (en) Systems and methods for conducting contactless payments using a mobile device and a magstripe payment card
CN102411742A (en) Mobile terminal
US8447982B2 (en) System and method for operating end-to-end security channel between server and IC card
US20150046330A1 (en) Transaction processing system and method
Roland Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack

Legal Events

Date Code Title Description
AS Assignment

Owner name: ZTE CORPORATION, CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ZHANG, ZHIBANG;LIAN, DIANBIN;SIGNING DATES FROM 20120614 TO 20120615;REEL/FRAME:028514/0317

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION